CVE-2017-9542

Name of the Vulnerable Software and Affected Versions D-Link DIR-615 Wireless N 300 Router

Description The issue is related to weaknesses in the authentication procedure of the router's firmware. It can be exploited by a remote attacker using a modified POST request to the "login.cgi" endpoint, allowing them to bypass authentication. The problem arises because the router fails to properly validate the password field. Successful exploitation enables an attacker to gain control of the affected device.

Recommendations For D-Link DIR-615 Wireless N 300 Router, consider disabling access to the "login.cgi" endpoint until a patch is available to prevent exploitation. Restricting access to this endpoint can minimize the risk of unauthorized control. At the moment, there is no information about a newer version that contains a fix for this vulnerability.